New worm spread via USB flash drives
SillyFD-AA worm spreads from USB flash drives and looks for other removable devices to infect.
Experts have warned users of a new type of worm that propagates itself via USB flash memory devices.
The SillyFD-AA worm has been shown to search for removable drives on a computer and then makes copies of itself on these devices. It then creates a hidden file called "autorun.inf" which runs the worm next time the flash drive is plugged into a Windows computer. It also changes the title of Internet Explorer windows to append the phrase "Hacked by 1BYTE".
Graham Cluley, senior technology consultant at anti-virus firm Sophos said that USB drives are increasingly being given away at trade shows and in direct mailshots as they are now so cheap.
"Marketing people are prepared to use them as 'throwaways' with the aim of securing sales leads," he said. "Computer owners should tread very carefully when plugging an unknown device into their PC, however, as it could have malicious code planted on it."
He said that with a significant rise in financially motivated malware it could be an obvious backdoor into a company for criminals "bent on targeting a specific business with their malicious code."
He said that hackers are now looking for less defended entry points into organisation's infrastructure and USB devices offered a way in.
"In this example, changing the title of the Internet Explorer browser's windows should be a pretty clear sign to most people that something strange is afoot," said Cluley. "It also indicates that this particular variant of the worm has not been written with completely clandestine intentions. A more savvy internet criminal would have not made it so obvious that the PC has been broken into, but silently steal from the PC without leaving such an obvious clue."
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
He said that users should consider disabling the autorun facility of Windows so removable devices such as USB keys and CD-Roms do not automatically launch when they are attached to a PC.
Rene Millman is a freelance writer and broadcaster who covers cybersecurity, AI, IoT, and the cloud. He also works as a contributing analyst at GigaOm and has previously worked as an analyst for Gartner covering the infrastructure market. He has made numerous television appearances to give his views and expertise on technology trends and companies that affect and shape our lives. You can follow Rene Millman on Twitter.